Skip to content

Commit

Permalink
check valid api key (#22)
Browse files Browse the repository at this point in the history
  • Loading branch information
dheidemann committed Jul 4, 2024
1 parent ba698b2 commit 1de6441
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 2 deletions.
2 changes: 2 additions & 0 deletions .env
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,5 @@ SMTP_PORT=
FROM_ADDRESS=

API_URL=http://localhost:8080

API_KEY=
15 changes: 13 additions & 2 deletions server/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,10 @@ import (
"github.com/rs/cors"
)

const defaultPort = "8080"
const (
defaultPort = "8080"
apiKeyHeader = "X-API-Key"
)

func main() {
ctx := context.Background()
Expand Down Expand Up @@ -66,7 +69,15 @@ func main() {

gqlResolvers := graph.Resolver{DB: db}
srv := handler.NewDefaultServer(graph.NewExecutableSchema(graph.Config{Resolvers: &gqlResolvers}))
router.Handle("/api", srv)
router.With(func(h http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Header.Get(apiKeyHeader) != os.Getenv("API_KEY") {
http.Error(w, "Invalid API Key", http.StatusUnauthorized)
return
}
h.ServeHTTP(w, r)
})
}).Handle("/api", srv)

router.Handle("/", playground.Handler("GraphQL playground", "/api"))

Expand Down

0 comments on commit 1de6441

Please sign in to comment.